On Sat, 29 Dec 2007 12:45:26 +0100
Magnus Hagander <magnus(at)hagander(dot)net> wrote:
> That is exactly my point. The server can never know if the client has
> actually verified anything. It can provide the client with the *means*
> to verify things, but it can't enforce it.
I know this is probably obvious to most people in this discussion and I
don't mean to impugn Magnus just because I am latching onto his message
to make this point but I suspect that this discussion would go a lot
smoother if it branches into two completely different discussions about
two completely different issues;
- 1: How does the client assure that the postmaster is legit
- 2: How does the postmaster assure that the client is legit
Does anyone think that there is one answer to both?
D'Arcy J.M. Cain <darcy(at)druid(dot)net> | Democracy is three wolves
http://www.druid.net/darcy/ | and a sheep voting on
+1 416 425 1212 (DoD#0082) (eNTP) | what's for dinner.
In response to
pgsql-hackers by date
|Next:||From: Mark Mielke||Date: 2007-12-29 15:15:04|
|Subject: Re: Spoofing as the postmaster|
|Previous:||From: Simon Riggs||Date: 2007-12-29 12:36:50|
|Subject: Re: Archiver behavior at shutdown|